def __makeflow(self): if haveIPAddrGen: srcip = str(IPv4Address(ipaddrgen.generate_addressv4(self.ipsrcgen))) dstip = str(IPv4Address(ipaddrgen.generate_addressv4(self.ipdstgen))) else: srcip = str(IPAddress(int(self.ipsrc) + random.randint(0,self.ipsrc.numhosts-1))) dstip = str(IPAddress(int(self.ipdst) + random.randint(0,self.ipdst.numhosts-1))) ipproto = self.ipproto sport = dport = 0 if ipproto == IPPROTO_ICMP: # std way that netflow encodes icmp type/code: # type in high-order byte of dport, # code in low-order byte t = next(self.icmptype) c = next(self.icmpcode) dport = t << 8 | c # print 'icmp t,c,dport',hex(t),hex(c),hex(dport) else: if self.sport: sport = next(self.sport) if self.dport: dport = next(self.dport) flet = Flowlet(FlowIdent(srcip, dstip, ipproto, sport, dport)) flet.iptos = next(self.iptos) flet.flowstart = flet.flowend = fscore().now if flet.ipproto == IPPROTO_TCP: flet.ackflow = not self.autoack tcpflags = next(self.tcpflags) flaglist = tcpflags.split('|') xtcpflags = 0x0 for f in flaglist: if f == 'FIN': xtcpflags |= 0x01 elif f == 'SYN': xtcpflags |= 0x02 elif f == 'RST': xtcpflags |= 0x04 elif f == 'PUSH' or f == 'PSH': xtcpflags |= 0x08 elif f == 'ACK': xtcpflags |= 0x10 elif f == 'URG': xtcpflags |= 0x20 elif f == 'ECE': xtcpflags |= 0x40 elif f == 'CWR': xtcpflags |= 0x80 else: raise InvalidFlowConfiguration('Invalid TCP flags mnemonic ' + f) flet.tcpflags = xtcpflags return flet
def send_ack_flow(self, flowlet, input_intf): # print "constructing ack flow:", self.name, flowlet, prevnode, destnode, input_intf revident = flowlet.ident.mkreverse() revflet = Flowlet(revident) revflet.srcmac,revflet.dstmac = flowlet.dstmac,flowlet.srcmac revflet.ackflow = True revflet.pkts = flowlet.pkts/2 revflet.bytes = revflet.pkts * 40 revflet.iptos = flowlet.iptos revflet.tcpflags = flowlet.tcpflags revflet.ingress_intf = input_intf revflet.flowstart = fscore().now revflet.flowend = revflet.flowstart destnode = fscore().topology.destnode(self.name, revflet.dstaddr) # self.logger.debug("Injecting reverse flow: {}->{}".format(revflet.srcmac, revflet.dstmac)) self.flowlet_arrival(revflet, self.name, destnode)